package com.jlf.app.authorization.controller;

import com.jlf.core.annotation.restful.controller.RestfulController;
import com.jlf.core.annotation.restful.method.RestfulGet;
import com.jlf.core.annotation.restful.method.RestfulPost;
import com.jlf.core.oidc.constant.Oidc;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestParam;

/**
 * 授权接口，即为用户登录
 *
 * @author wujr
 * 2023/8/4
 * @version 1.0
 * 【变更历史】
 * [wujr 2023/8/4 1.0 新增]
 */
@Slf4j
@Tag(name = "用户身份授权接口")
@RestfulController(path = "/rest/security/{business}/{app}/oidc/authorize", name = "用户身份授权接口")
@RequiredArgsConstructor
public class AuthorizeController {
    @RestfulPost(path = "/credentials/password", code = "authorizePasswordCredentials", name = "根据密码凭证授权登录")
    public void authorizePasswordCredentials() throws Exception{

    }
    @RestfulPost(path = "/credentials/captcha", code = "authorizeCaptchaCredentials", name = "根据验证码凭证授权登录")
    public void authorizeCaptchaCredentials() throws Exception{

    }
    @RestfulPost(path = "/credentials/qrcode", code = "authorizeQrcodeCredentials", name = "根据二维码凭证授权登录")
    public void authorizeQrcodeCredentials() throws Exception{

    }

    /**
     * 申请临时授权码的接口
     * @param codeChallenge 挑战码，前端生成一个43-128长度的校验码(code_verifier)，base64(sha256(code_verifier))
     * @param nonce 随机字符串，应用随机生成的一个字符串，服务器会以 HTTP 响应参数的形式原样返回给应用。为防止 CSRF 攻击，建议携带此参数。
     * @param redirectUri 申请授权码成功后重定向的地址，空则表示不进行重定向，不空，需要和该应用的登录重定向保持一致
     * @param signature 本次申请的签名，核对正确后，才能颁发临时授权码
     * @param business 所属的业务编码
     * @param app 当前请求的应用编码
     * @throws Exception 申请失败，抛出异常
     */
    @RestfulGet(path = "/code", code = "applyAuthorizeCode", name = "申请临时授权码")
    public void applyAuthorizeCode(@RequestParam("code_challenge") String codeChallenge,
                                   @RequestParam("nonce") String nonce,
                                   @RequestParam(value = "redirect_uri", required = false) String redirectUri,
                                   @RequestHeader(Oidc.Header.sig) String signature,
                                   @PathVariable("business") String business,
                                   @PathVariable("app") String app) throws Exception{

    }
}
